Security Awareness – A New Trick to an Old Game: URL Phishing
We often train users about email-based phishing and common signs of an impersonated or fraudulent email address.
The COVID-19 pandemic and the resultant mass movement to remote work significantly accelerated the development toward a more distributed and fragmented network infrastructure. This paradigm reinforced the need to implement stricter security controls around user and device access.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
On Tuesday, Microsoft’s security researchers published a report detailing a massive phishing-as-a-service campaign known as BulletProofLink. Phishing-as-a-Service offerings, or phishing kits, arm even the most novice threat actors with sophisticated platforms to launch widespread phishing campaigns with little more than a computer and a few hundred dollars. Researchers at Microsoft discovered this operation while investigating a separate phishing operation.
Approximately 100,000 Windows users worldwide have had their credentials leaked due to a flaw in the Microsoft Exchange Autodiscover feature. The Autodiscover feature is used by Microsoft Exchange to automatically configure a user’s email client with their organization’s predefined mail settings. After a user enters their credentials into an email client, the program attempts to authenticate to multiple Exchange Autodiscover URLs. It’s during this process that clear-text credentials could be routed to third-party untrusted websites to be collected.
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have released a Joint Cybersecurity Advisory (CSA) on the Conti ransomware, noting they have observed the increased use of this malware in attacks. The advisory contains technical details on the malware; it also maps the malware’s techniques to the MITRE ATT&CK framework. Additionally, it discusses mitigation measures to reduce the risk of compromise by the Conti ransomware.
Microsoft’s Active Directory (AD) service is rife with potential risk factors, providing threat actors with multiple avenues of exploitation. The cybersecurity firm Mandiant reported that 90 percent of the breaches they surveyed exploited AD vulnerabilities. Topping the list of fixable AD vulnerabilities is inadequate authentication security. One of the most pervasive issues is corporate applications allowing users anonymous access to AD.
Trend Micro released its midyear review on cybersecurity threats detected in 2021 thus far. The study, Attacks From All Angles: 2021 Midyear Cybersecurity Report, covers Trend’s observations across ransomware, technical vulnerabilities, the impacts from the pandemic, and more. The report asserts that almost 41 billion threats were identified and blocked in the first six months of this year. Ransomware operations decreased from 14 million in the first half of 2020 to over 7 million during the same period this year.